It seems that even if you are completely innocent, you can lose your email account if a bank wants you to.

I really try to avoid blogging on the same subject on two blogs, but this case is so frightening, it has to be brought to the attention of many people as possible.  You can see my more journalistic effort on this news over at Tech.BLORGE.com, but over here, where I’m the boss, I’m going to be a bit more blunt on my feelings about it.

The short version of the story is that Wilson, Wyo.-based Rocky Mountain Bank emailed out a list of 1,300 customers of its bank on Aug. 12th.  This list included their names, addresses, social security numbers and loan information, in other words, highly sensitive information.  After sending out the email, someone at the bank realized it had been sent to the wrong Gmail account.  They emailed the account that had sent it to and instructed whomever received it to destroy it without opening it.

When the bank did not hear back from the person, they contacted Google demanding that the identity of the account holder be turned over to them.  Google said that due to their privacy rules, a court order was needed to do such.  The bank then went to court and demanded not only an order for the information, but also for Google to deactivate the account.  U.S. District Court Judge James Ware in the northern district of California issued the order this past Wednesday.  The bank asked for it to be done under seal, but U.S. District Court Judge Ronald Whyte denied that request.

There is no indication if Google has obeyed the order yet, but that doesn’t change the fact that this order should have never been issued.  The order for the person’s information is perfectly reasonable, but to ask for the account to be deactivated, and for the judge to agree to this, is just beyond the pale of good sense.  A person, who’s only crime is that he received an unintended email, has been stripped of his email account, something that could be life altering for a large number of individuals.

Online Media Daily spoke with John Morris, general counsel at the Center for Democracy & Technology, about the subject.  Here’s what he said:

It’s outrageous that the bank asked for this, and it’s outrageous that the court granted it.  What right does the bank have and go suspend the email account of a completely innocent person? At the end of the day, the bank obviously screwed up. But it should not be bringing a lawsuit against two completely innocent parties and disrupting one of the innocent party’s email contact to the world.

Other lawyers are bringing up possible First Amendment ramifications of the case, saying that this significantly impacts the individuals rights to communicate online.  I think they may be overstating the First Amendment aspects of the case, but then again, I’m not a Constitutional lawyer.  It could easily be argued that no one has a “right” to communicating online at all, but I could be wrong in that aspect also.

What does trouble me is that there is no mention of proof that this person either read the emails from the bank, or might not even be logging into their account.  If it’s the latter, then this person has had their identity revealed and been drug through court for absolutely nothing.  Heck, there is even a chance the emails went to their spam folder.

No matter how you look at this case it is troubling, and I am sure this isn’t the last we’ve heard of it.  I would especially like to hear how Judge Ware felt justified in deactivating the account.

This is a scary, scary time for all email users after this case.